Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2021-47239HistoryMay 21, 2024 - 3:15 p.m.
CVE-2021-47239
2024-05-2115:15:13
Debian Security Bug Tracker
security-tracker.debian.org
4
linux kernel
usb vulnerability
use-after-free
In the Linux kernel, the following vulnerability has been resolved: net: usb: fix possible use-after-free in smsc75xx_bind The commit 46a8b29c6306 (“net: usb: fix memory leak in smsc75xx_bind”) fails to clean up the work scheduled in smsc75xx_reset-> smsc75xx_set_multicast, which leads to use-after-free if the work is scheduled to start after the deallocation. In addition, this patch also removes a dangling pointer - dev->data[0]. This patch calls cancel_work_sync to cancel the scheduled work and set the dangling pointer to NULL.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | linux | < 5.10.46-1 | linux_5.10.46-1_all.deb |
| Debian | 11 | all | linux | < 5.10.46-1 | linux_5.10.46-1_all.deb |
| Debian | 10 | all | linux | < 4.19.208-1 | linux_4.19.208-1_all.deb |
| Debian | 999 | all | linux | < 5.10.46-1 | linux_5.10.46-1_all.deb |
| Debian | 13 | all | linux | < 5.10.46-1 | linux_5.10.46-1_all.deb |
Related
cvelist
cvelist
CVE-2021-47239 net: usb: fix possible use-after-free in smsc75xx_bind
2024-05-21 14:19:39
redhatcve
redhatcve
CVE-2021-47239
2024-05-23 14:02:18
ubuntucve
ubuntucve
CVE-2021-47239
2024-05-21 00:00:00
nvd
nvd
CVE-2021-47239
2024-05-21 15:15:13
cve
cve
CVE-2021-47239
2024-05-21 15:15:13
nessus
nessus
SUSE SLES12 Security Update : kernel (SUSE-SU-2024:1983-1)
2024-06-12 00:00:00
SUSE SLES15 Security Update : kernel (SUSE-SU-2024:2185-1)
2024-06-25 00:00:00
SUSE SLES12 Security Update : kernel (SUSE-SU-2024:1979-1)
2024-06-12 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2024:1979-1)
2024-06-12 00:00:00